CVE-2026-5752
Sandbox Escape in Terrarium Enables Root Code Execution
Publication date: 2026-04-14
Last updated on: 2026-04-21
Assigner: CERT/CC
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cohere-ai | terrarium | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a sandbox escape in Terrarium that allows an attacker to execute arbitrary code with root privileges on the host process. It is achieved through JavaScript prototype chain traversal, which bypasses the sandbox's intended isolation.
How can this vulnerability impact me?
The vulnerability can lead to an attacker gaining root-level access on the host system running Terrarium. This means the attacker could execute any code they want on the host, potentially compromising the entire system, accessing sensitive data, modifying or deleting files, and disrupting services.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided information does not include any details about the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
What immediate steps should I take to mitigate this vulnerability?
To mitigate the sandbox escape vulnerability in Terrarium, ensure that you deploy the sandbox in a fully compartmentalized environment such as a Docker container or a GCP Cloud Run instance, as designed.
Since the sandbox is recycled after every invocation and restricts filesystem, threading, subprocess, and network access, maintaining these isolation boundaries is critical.
Additionally, monitor for updates or patches from the Terrarium project repository and apply them promptly.